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s Tne recant rapid growth of information 

applications on international public pacJcet-switched 
computer networks such as the Internet suggests that 
public computer networks have the potential to establish 
a new kind of open nsarketplace for 9 cods and services, 
10 Such a aarfcetplace cevJd be created with a network, sales 
system that comprises a plurality of buyer and merchant 
computers , means for the users of the buyer computers to 
display digital advertisements tron the merchant 
computers, and jseans for the users to purchase products 
is described by the advertisements, 

A network based sales system will need to allow 
users to preview products; at little or no cost, and will 
need to stake a large number of product advertisements 
available in a convenient manner. In addition, the 
20 shopping system will need to include easy-to-use 

facilities for a ussr to purchase desired products using 
a merchant independent payment nethod. In addition the 
network sales will need to allow nev buyers and .merchants 
to enter the market, 
2S A central requirement for a «arketplace is a 

payment, mechanism, but at present no merchan 
payment mechanism is available for computer networks 
permits users to utilise conventional rinancial 
instruments such as credit cards, debit cards, 
30 deposit account balances. We expect that both retail 
payment ana wholesale payment mechanises will be 
for networks, with consumers using the retail 
for modest size purchases, and institutions using the 
wholesale mechanism for performing settlement, between 
3S trading partners. For wide acceptance the retail 

will need to be a logical evolution of existing 



credit-card.. debit-card, and Automated Clearing House 
facilities, while for acceptance the wholesale mechanism 
will need tc be an evolved version of corporate 
electronic funds transfer. 
5 These problems of have been approached in the 

past by network based sales systems wherein, for example, 
each *erchant maintains an account for each user, A user 
nsust establish an account with each merchant in advance 
in order to be able to utilize the merchant. The prior 
io art. network based sales systems are not designed to allow 
users to use their existing credit card and demand 
deposit accounts tor payment, nor are they designed to 
allow for programs to be included in digital 
advertisements. 
ls According, therefore, it is a primary objective 

of this invention to provide a user interactive network 
sales system in which the user can freely use any 
merchant of choice and utilise existing financial 
instruments for payment. Other objects include a network 
20 sales system which provides & nigh-quality user 

interface, which provides users with a wide variety and 
large volume of advert is assents , which is easily 
extensible to new services,, and which is easily expanded 
to new applications vitnin the existing infrastructure of 

n the system. 

Still ether objects of the invention are to 
provide a network payment system that will authorise 
payment orders and remove part of the risk of fraud fro® 
merchants > 

30 An unavoidable property of public computer 

networks is that they are comprised of switching,, 
transmission, and host computer components controlled by 
way individuals and organizations. Thus it is 
impossible for a network payment system to depend upon a 

35 ^ciliad .minion required degree of software, hardware, 
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and physical security for all of the components in a 
public network. For sx ample*, seers t keys stored in a 
given user's personal computer can be compromised, 
switches can be tampered with to redirect traffic, and 
5 transmission facilities can be intercepted and 
manipulated* 

The risk of performing retail payment in a public 
network is compounded by statutes that make a payment 
system operator in part liable for the security lapses of 

io its users. Existing Federal statutes in the United 

States, including the Electron ic Funds Transfer Act and. 
the Consumer Credit Protect ion Act, require the operator 
of a payment mechanism to limit consumer liability in 
many cases, Payment system operators may have other 

•5 fiduciary responsibilities; for wholesale transactions, 
similar responsibilities exist in other countries for 
retail and wholesale transactions. 

In existing credit card payment systems, a credit 
card's issuing bank takes un the fraud risk associated 

20 with misuse of the card when a merchant follows 
established card acceptance protocols. Acceptance; 
protocols can include verifying a card holder's signature 
on the back of their card and obtaining authorisation for 
payments over a certain value. However, in network based 

2& commerce a merchant can not physically examine, a 
purchasers credit card, and thus the fraud risk nay 
revert to the merchant in so called !i eard not present » 
transactions, Hany merchants can not qualify to take 
this risk because of their limited financial resources. 

20 Thus tne invention is important to allow many merchants 
to participate in network based commerce, 

Other objects of the invention include utilising 
existing financial instruments such as credit cards, 
debit cards, and demand deposit accounts for merchant. 

35 payments. 
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Existing netvoric payment, systems do not connect 
■:.o the financial system for authorisation and are not 
compatible with conventional financial .instruments. 
Existing network payment systems include the Simple 

S Network F>ay3sent Protocol [Dufcach, 5. , SNPPt A Simple 
network Payment Protocol, HIT Laboratory for Computer 
Science, Cambridge, MR, Sirbu's Internet Billing 

Server [Sirfeu, K. A. , Internet Billing Service Design and 
Prototype Implementation, Information Networking Program, 

10 Carnegie -Ms 11 on University, 1993 3, and Hetcash [Medvinsy, 
G. f and Nevxtvan, 8, C, , NetCash; A Design for Practical 
Electronic Currency on the Intcr.net, Proc. 1st ACM Coat* 
on Cosrp, and Coras. Security, Kovember, 1953], 

A further object of the invention is to allow 

is users in an unt rusted network environment to use 

conventional financial instruments without requiring 
modification to existing financial system networks. 

The following definitions apply to the present 
invention, A principal is a person, company., 

20 institution, or other entity that is authorized to 

transact business as part at a network payment systeau A 
payment order describes the identity of a sender, a 
payment amount, a beneficiary, and a sender -unique once. 
A sender is a principal asking a pay&ent. A beneficiary 

25 is a principal to be pais by the payment, system, A 
sender unigue nonce .is an identifier that is used only 
once by a given sender. An example of sender unique 
nonces are unique tiaestaatps. An external account is an 
account that can be used to settle a payment order for 

30 either a sender or a beneficiary in the external 

financial system. Examples of external accounts include 
de&and deposit accounts and credit card accounts. An 
external device is a physical object that is kept in the 
possession of a user for the purpose of identifying the 

35 user. 
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A network pay-want syste* is a service that 
authorises and executes digital payment orders that- are 
bacred by external accounts, A payment system 
authenticates a payment order, checks for sufficient 
s i;unds or credit, and then originates funds transfer 
trar.saot.ions to carry out the payment order - A payment 
system acknowledges acceptance or rejection of a payment 
order. Here than one payment system may exist on a 
given network,, and a given payment system may operate on 
io ssore than one host to increase its reliability, 

availability, and performance, &n authent icator is a 
digital value that is appended to a payment order and 
becomes part of the payment order that authenticates the 
payment order as genuine. 

The invention relates; to a network sales system 
for enabling -users to purchase products using a plurality 
of buyer computers that communicate over a network with a 
plurality of merchant computers. Each merchant eomputer 

20 has a database of digital advertisements. Each digital 
advertisement includes a price ana a product abstract. 
Buyer computers request, display, and respond to digital 
advertisements from merchant computers, Users can 
purchase products with their buyer computers after they 

2S have specified an account to pay for the purchase., A 

network payment service is used to authorize the purchase 
before merchant fulfillment is performed, 

In a particular aspect, of the invention, the 
merchant computer can request account information when it 

30 is not provided by the buyer computer . In another 

aspect of the invention, the buyer computer can present 
to a merchant a pre-attthorizad payment order that is 
obtained from a network payment system . 

In another aspect of the invention, an electronic 

35 sales system contains digital advertisements that include 



programs. The programs are executed on bsha.il: of a user 
by a buyer computer, and car, lead to a purchase request 
directed to a merchant computer that performs product 
fulfillment, 

& In another aspect of the invention a netvori: payment 

system executes payment orders. A payment order includes 
a sender, a beneficiary., a payment amount, and a nonce 
Identifier. A payment order is signed by a client 
computer with an authenticate* that is checked by the 

10 payment system. Payment orders are backed by accounts 
in the banking system, and are authorized by the network 
payment system by sending messages into a financial 
authorization network that Knows the status of these, 
accounts- The payment system accomplishes settlement by 

is sending messages into an existing financial systea 
network. 

In another aspect,, payment orders are 
authenticated based on the delivery address they specify, 
in another aspect , the payment, system will specify in its 

20 authorisation legal delivery addresses. In another 
aspect, authenticates for payment orders are based on 
one-time transaction identifiers that are known only to 
the user and the payment system. In another aspect., 
payment orders for a given sender are only accepted from 

as certain client computer network addresses. In another 
aspect, the network payment system sends messages into a 
financial authorization system in real-time before, the 
network payment system will authorise a payment order, 

30 other objects, features, and advantages of the 

invention will appear from the following description 
taken together with the drawings in which: 

Figure 1 is a block diagram of a typical 
sales svsteas in accordance with the invention? 



wo mumi 



- 7 ~ 

Figure 2 is a screen snapshot of a buyer computer 
display of an overview page £r»» a merchant conputer; 

Figure :< is a screen snapshot; of a buyer computer 
display of a page of digital advertisements from a 
s merchant; computer; 

Figure 4 is a screen snapshot of a buyer computer 
display of an account query page? 

Figure » is a screen snapshot of a .buyer computer 
display of a fulfillment page? 
is Figure 6 is a flow chart illustrating the 

processing of a sale between a buyer computer and a 
merchant computer ; 

Figure ? is a Slow chart illustrating the 
alternate processing of payment order means for obtaining 
is missing payment information? 

Figure a is & screen snapshot. o£ a buyer computer 
display o£ an overview page frost a merchant computer that 
contains a query input by the user; 

Figure 9 is a screen snapshot of a buyer computer 
20 display of digital advertisements in response, to a user's 
query ? 

Figure 10 is a screen snapshot of a buyer 
computer screen of a purchase confirmation; 

Figure li is a screen snapshot of a buyer display 
25 of a fulfillment page like Figure 5? 

Figure. 12 is a flow chart illustrating an 
alternate processing of a sale between a buyer computer 
and a merchant computer where a payment order is pre- 
authorised ; 

30 Figure 13 is a block diagram of a typical network 

payment system in accordance with the invention; 

Figure 14 is a flow chart illustrating the 
authentication, authorization, and settlement of a 
payment order; 
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Figure 15 is a flow chart illustrating ar. 
alternate processing of the authentication and 
verification of a payment order where transaction 
ident.it iers are used; and 
5 Figure 16 is a flow chart illustrating an 

alternate processing of the authorisation of a payment 
order where real-time approval fror> the financial 
authorisation netvorK: saay not foe obtained. 

description of A..m£n£m£&^%mmm...mz$MR^ 

io ft network sales system 200 as shown in Figure 1 

employs a network 6'? to interconnect, a plurality of buyer 
computers 61 and 62, merchant computers 63 and 64, each 
merchant computer with respective digital advertisement 
databases 65 and 66, and a payment computer 68. A user 

is of the system employs a haver computer to retrieve 
advertisements from the merchant computers, and to 
purchase goods of interest. A payment computer is used 
to authorise a purchase transaction, 

A digital advertisement includes a product 

20 description and a price. In digital advertisement 
database 65 prices and descriptions may be stored 
separately, and one price may apply to many product 
descriptions . 

in an alternate embodiment, the network sales 

is system £urther includes external devices that are kept in 
the possession of users so that the users can 
authenticate themselves whan they use a buyer computer* 

The software architecture underlying the 
particular preferred essbodissent is based upon the 

30 hypertext conventions of the World Wide Web, Appendix A 
describes the Hypertext Markup Language (HTML) document 
format used to represent digital advertisements , Appendix 
B describes the HTML forms fill out support in Kosaic 
2.0, Appendix c is a description of the Hypertext 

33 Transfer Protocol (HTTP} netwaen buyer and merchant 
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computers, and Appendix D describes how documents are 
named with Or.iiorra Resource Locators (URLs) in the 
network of computers. A document is defined to be any 
type of digital data broadly construed,, such as 
5 multimedia documents that include text, audio,- and video, 
and documents that contain programs, 

Figure 2 shows an overview screen that has been 
retrieved from a merchant computer by a buyer computer 
and displayed by the buyer computer. It includes links 

10 1, 2, and 3 that when activated by a user cause the 

buyer's computer to take specified actions. In the case 
of link 1, the document shown in Figure 3 is retrieved 
from a merchant computer and displayed. In the case of 
link 2, a short audio segment is retrieved from a 

15 merchant: computer and played. In the case of link 2, the 
query that cars he entered into the query dialog box 4 is 
sent to a merchant computer, and a document is retrieved 
from the merchant computer and displayed. 

Figure 3 shows a document that contains three 

20 digital advertisements. The digital advertisements have, 
been retrieved from the merchant computer after the 
activation of link 3. The merchant computer may set the 
prices contained in the advertisements based on the on 
the identity of the user as determined, for example, toy 

25 the network address of the requesting buyer computer, 
The document includes links 5, 6 f and ? that are. used to 
purchase the products described by the advertisements. 
For example., if link 5 is activated the. missing payment 
information document shown in Figure 4 is retrieved from 

30 the merchant computer and displayed. 

Figure 4 is a missing payment information 
document that is used to gather user account information 
for the requested purchase in an HTML £©ns. Radio 
buttons 8, 9, 10, 11 f 12 are used to select, a means of 

3S payment, dialog box 13 is used to enter an account 



nastier, dialog box 14 is used to enter an optional 
authenticate* for the account.,, purchase button 15 is used 
to send the account information to the merchant computer 
and proceed with the purchase, link 16 is used to abort. 
* the purchase and return to the document shown in Figure 
2., and dialog box 1? is used to enter optional user 
information that is associated with the purchase and 
ultimately used by a financial institution as part of a 
textual billing identifier for the purchase transaction, 

io If provided, this additional information is inclxid&d in 
the payment order for the purchase. 

Figure 5 is a fulfillment document IB that is 
produced once valid account information is provided to 
the missing payment information document in Figure 4 and 

.tS; purchase button IS is activated. 

Figure 6 is a flowchart that, more fully describes 
the information flow in the purchase transaction shown in 
Figures 2 to 5, An initial user inquiry 19 from 
activating link 1 results in the HTTP request 20 for a 

20 specific docajsent with a specified URL, The DEL 
specifies the name of the merchant computer, The 
merchant computer retrieves the document given the URL at 
21, and returns it to the buyer computer at 27., The 
buyer computer displays the resulting HTML document at 

25 23. When the user activates link 5, an HTTP request. 25 
is sent to the merchant computer requesting the document* 

In an alternate, embodiment, document 22 is 
executed at 23 as; a program. A program is defined as a 
set of instructions that can exhibit conditional behavior 

30 based upon user actions or the environment of the buyer 
computer. As is known to those skilled in the art,, there 
are many techniques for representing programs as data* 
The program cars ba .interpreted or it can be directly 
executed by the buyer computer. The program when 

„:?. executed will cause the buyer computer to interact with 
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the user leading to the user purchase request 24, and the 
purchase s&essage 25. 

The merchant computer then attempts to construct 
a payment order at 2S using the information it has 
s gathered about the user. The buyer computer may have 
previously supplied certain credentials using fill cut 
forms or other account identification means such as 
providing the network address of the buyer computer in 
the normal course oi : communication* If the buyer 
ae computer is able to construct a complete payment order at 
2S the payment order is sent to a payment computer tor 
authorisation at 2'K li a parent order can be 
constructed,, processing continu.es at 28 . 

Alternatively, the buyer computer may construct 
is the payment order at 24 and send it to the merchant 

computer at 25, In this case, the payment order assembly- 
steps at 26, at the merchant computer, may only need to 
forward the p&yssent order from the buyer computer, 
A payment order includes user account 
20 information, merchant account information, an amount, and 
a nonce identifier that has not been previously used for 
the same user account- Variations of payment orders can 
be constructed, including payment orders that specify 
user or merchant identifiers in place of account 
£5 information, payment orders that specify a valid time 
period, payment orders that specify foreign currencies, 
and payment orders that include comment strings , Part of 
the process of constructing a payment order is creating a 
corresponding authenticates using one of the 
30 authenticator methods described below, 

In the illustrated embodiment of Figures 3 and 4, 
the .merchant computer does not have sufficient 
information to construct a payment order at 26 and thus 
at :>3 {Figure ?} constructs and returns a missing payment 
35 information document in response to request 25, 



Operation 3 3 includes in the constructed doc 
appropriate form fields based on what information the 
merchant computer has already collected from the user, 
Th« document is returned to the buyer computer at. 34 and 
5 is displayed at 35. When the -user presses the purchase 
button 15, the contents of the form are transmitted to 
the merchant computer, at 36, to a specific URL- name, 
using an HTTP request, Based on the supplied form 
fields, the merchant computer constructs a complete 
10 payment order, Alternatively, the buyer computer may 
construct the payment order at 35 and send it to the 
merchant computer as part of step 36 . In this case, the 
payment order assembly steps 37 at the merchant computer 
simply passes on the payment order from the buyer 
is computer- The payment order is sent to the payment 
computer in a message at 36. 

In either case, the flowchart continues in Figure 
6 where the payment computer checks the authorisation of 
the payment order at 28, If. the payment system 
2Q authorises the request, an. authorisation message at 29 is 
returned to the buyer computer, and the merchant computer 
checks at 30 that the authorisation message came from the 
payment computer using the authenticates mechanism 
described below, assuming that the authorization message 
25 is valid, the merchant computer performs fulfillment at 
30, returning the purchases product in response at 31. 
In our example in Figure 5 the response at 31 is document 
18 that was the logical target of link 5. If the payment 
system does not authorise the payment order then response 
30 31 is a rejection of the user's purchase request, 

in an alternate embodiment, step 30 cars encrypt 
the document using a key that is known to the buyer 
computer. As is known to those skilled in the art, the 
Key can be communicated to the merchant computer using 
.35 convention key distribution protocols. In this manner 



the document will be protected from disclosure to other 
users . 

The fulfillment step at. 30 can alternatively 
schedule a physical product to be shipped via ordinary 
s mail or other means. This can be accomplished by 

updating a fulfillment request database or by sending a 
message to a shipping system. In this case the response 
at, 21 is » confirmation that the product has been 
scheduled to ship. In this way the network sales system 

jo can implement an electronic mail order systeau 

Figures 8, 9, 10, and .1.1 show a second example 
that uses query based access to digital advertisements. 
It is assumed that the previous example was used by the 
user immediately before at the same buyer computer. 

15 Figure 8 shows the overview screen where the 

query "movie review" has been entered into dialog box 39 . 
When the user activates process button 40, the merchant 
searches databases as described by the uel attached to 
button 40, and creates a response document as shown in 

20 Figure 9. 

Figure 9 shows digital advertisements 39 , 40, 4.1, 
42, 43, and 44 that were found in response to the query 
initiated by button 40. A scroll bar 45 stows that there 
are additional digital advertisements that are not shown, 

2& When link 46 Is activated, the missing account 

information document shown in Figure 10 is returned by 
the merchant computer. 

Figure 10 shows that the merchant computer has 
partial information on the buyer's account. Message 4? 

30 shows that the merchant computer already knows the 

buyer's account number. Purchase button 48 will send the 
optional user reference string in dialog box 50 to the 
merchant computer described by the URL behind button 48 
ana purchase the product corresponding to digital 
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advertisement 39. cancel link 49 viil return the user to 
the document show- in Figure 2, 

When purchase button 48 is activated, a document 
SI is sent by the merchant computer and displayed by the 
s buyer computer as shown in Figure XI, 

Figure 12 shows an alternative method of 
processing a sales transaction, in this aethod when the 
user requests a purchase at 52, the buyer computer 
constructs a payment order at 53 and sends it for 

10 approval to the payment computer at 54, The payment 

computer authorizes the payment order at 55; and when the 
payment order is authorised, returns an unforgable 
certificate at 56 that the payment order is valid. Means 
of creating such unforgable certificates are described in 

is authenticates method number one below . If at step 55 the 
payment order is not authorised, a rejection message .is 
sent at 56 and the sales transaction is terminated, 

The buyer computer then proceeds at 57 to send a 
prs-authorissd purchase request to the merchant computer, 

30 The unforgable certificate 5S is included in a purchase 
message at 57 that is sent at 58 to the merchant 
computer. Based upon the pre-authoriaed payment order 
the merchant computer performs fulfillment at 59 and 
returns the product at 60. In a variation, the merchant 

25 computer at 59 checks to ensure the payment order has not 
been previously used. This can be accomplished by 
checking with a payment computer or maintaining a 
merchant computer database of previously accented payment 
orders. The unforgable certificate created at step 56 

.Ki does not need to include the user account information. 
This variation is useful if the user wishes to mate 
purchases and rejsain anonymous to the saer chant. 
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A Network Payment. System 

& network payment systea 300 as shewn in Figure 
13, employs a public packet-switched network 69 to 
interconnect a plurality of client computers 70 and 71, 
s and a plurality of payment computers such as 72, each 
payment computer having an account database 73 f a 
settlement database 74, an authorised address database 
75, a sender credential database 76, a financial system 
interface 77 , and a real-time authorization interface 78, 

xc The interfaces 77 and 78 stay he implemented by a single 
cosimurs i cat ions line,. 

In an alternate embodiment, the network, payment 
system further includes external devices that are kept in 
the possession of users so that the users can 

is authenticate themselves when they use a buyer computer v 
Account database 73 maintains temporal spending 
amounts, such as the amount spent in the current day, and 
also maintains temporal spending limits. The account 
database may also maintain a translation between 

28 principal identifiers and external account identifiers. 
Settlement database 74 records committed payment orders 
along with any authorisation information for the orders 
that was obtained from interface IB, Address database 75 
maintains for each sender a list of authorized buyer 

25 computer and delivery addresses . Credential database 76 
maintains a list of credentials for principals and 
information that can be used to authenticate principals. 

Figure 14 is a flowchart that describes the 
operation of the payment system. A client computer 71 

30 constructs a payment order at 75, and computes and adds 
an authenticates to the payment order at SO. The payment 
order is sent at 81 to a payment computer, where the 
authenticate is verified at 82 to ensure that the 
payment order was originated by the sender it describes* 
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Below we present different means of implementing 80 and 
82. 

If the payment order is authentic and address 
restrictions are desired, at 83, either or both of the 

s client computer address or the specified delivers- address 
can be checked against address database 75. If address 
restrictions are desired and if the addresses .in the 
pay-sent order are not in the database, the payment 
computer sends a rejection message to the client 

10 computer. Address database 75 specifies, for each 
principal, acceptable client computer addresses and 
delivery addresses, A delivery address can be. a network 
address, or a street address for packaged goods. As is 
known in the art, database 75 can include wild-card 

is specifications and siailar techniques to red-ace its size. 
For example, database 75 could contain an entry for 
principal identifier «*§ac»e.ca»* restricting legal 
delivery addresses to "computer: *.cob p , "computer: 
cmu.edu", and "surface: *, 34 Main Street, Any town, USA" , 

20 indicating that any user at the company Acme can order 
products to tee delivered to the network address at Acme 
or the university cm f or to anyone at 34 Main Street, 
Any town, OS A* 

If payment order address restrictions are not 

25 desired or have been checked, processing continues at 84 
where the payment order is checked for replay and 
temporal spending limits. Replay is checked for by 
making sure that the sender did not previously present a 
payment order with the sasse nonce by checking an index of 

30 committed payment orders by nonce in settlement database 
74. If nonces are based on time, then a payment order 
that is older than an administratively determined value 
can be rejected out of hand. Time based nonces or 
sequential nonces permit old nonces to be removed from 

3S the settlement database 74 > If a payment order has been 
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previously processed or its nonce, is too old, the payment 
order computer sends a rejection message to the client. 

After the payment order passes the replay check, 
temporal spending limits are checked in account database 
s 73 . These spending limits; can. be applied on a per 
sender., per group of senders, and per payment system 
basis to limit fraud risk. The limits can be applied to 
any duration of time, for example a maximum spending 
aaount per hour or per day. If the payment order would 

10 violate a spending li*ait, the payment computer sends a 
rejection message to the client, 

Once the payment order passes the temporal 
spending cheek at 84, a message is constructed at 85 to 
check that the external account that backs the sender's 

13 payment system account has adequate funds or credit. If 
the sender identifier in the payment order is not already 
an account number in the external financial system, it is 
translated into a corre spending account number in the 
external financial system using account database 73, A 

.30 real-ti&e authorisation request message is sent at SS to 
the external financial system over interface 78. If the 
external financial system approves authorisation request 
86 , an authorisation message is returned at 87. If 
request S6 is not approved, the payment computer sends a 

25 rejection message to the client at 87. 

In a variation of the above described approach, 
processing continues at 95 after 84 . At 95 real-time 
authorisation is only obtained when the total of a 
sender's payments since the last real-tiae authorisation 

33 reaches a preset value, or the payment order is over a 
preset amount- These preset values can be optionally 
recorded on a per principal basis in database 73 or can 
be administratively determined for ail principals. In 
this sssnner, the number of messages to the external 

3S financial systas can be reduced. In addition, the 
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payment system can avoid making real-time authorisation 
requests for ssjall payments when the risk is acceptable 
to the payment system operator. If real-~ti.S5e 
authorisation is necessary, processing continues at 85 

s after 95. If real~ti*;e authorization is not necessary 
for a request, at 100 the payment order amount is added 
to the sender's total of payments sines, the last real- 
time authorisation in database 73, and processing 
continues at 88. 

jo In another variation after 100 a check is made at 

101 in database 73 to see if a background authorisation 
process should be scheduled. A background authorisation 
process permits the payment computer to continue its 
normal processing while it checks with the financial 

is authorization network on the sender's account. This 
aechanissa can be used to limit payment system risk. If 
the background authorisation fails, the account is 
suspended by so updating -database 73. If the sender's 
total of payments since last authorisation is over a 

20 preset value stored in 73 then a background authorisation 
process is scheduled at 102. Otherwise processing 
continues at 88. 

in another variation, at §5 and 101 
authorizations are obtained based on the amount spent 

25 since last authorisation and time since last 
authorisation. 

At 88 the payment order is committed, to execution 
and is recorded in settlement database 74. Recorded with 
the payment order in database 74 are portions of 

30 authentication message 67 that show that the payment 
computer contacted the remote financial systera. t?he 
amount of the payment order is added to running temporal 
spending records in database 73, and an authorisation 
message is sent to the client computer at §0. The 

55 authorisation message includes the payment order. In an 
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alternate embodiment, at 90 the authorisation message 
contains a truncated payment order that includes at least 
the payment order's sender and the payment order's unique 
nonce* 

S Xn an alternate embodiment, the authorisation 

message sent to the client at 90 includes at least one 
legal delivery addresses for the sender as determined 
from database 75* 

Authorization message 90 must be transmitted in 

10 such a way that the client computer can foe sure that it 
c&me from the pay-sent computer, &t 89 a. payment, system 
specific authenticate*- is added payment order. At 31 
this authenticator is checked by the client computer, 
The steps at 89 are. a dual of step BO, and the steps at 

is 91 are a dual of step S3. The. authentication means tot- 
steps 89 and 91 are descrifoed below. 

Finally, settlement is performed at 92 in the 
external financial system 7"' between external accounts 
that correspond to the sender and the beneficiary* If 

20 settlement is accomplished as part of real-tisie 

authorisation at steps; 86 and 87, as say occur In a real- 
time debit network, then no other steps need to be taken. 
If. settlement is not accomplished as part of the 
authorisation process, then financial system messages are 

2S sent to interface 7? to effect settlement. Depending on 
the external accounts involved, these messages Kay 
include electronic funds transfer messages or automated 
clearinghouse messages* 

In an alternate embodiment, at 92 settlement 

3D messages are sent to reconcile net transfer balances 

between principles on a temporal basis, for example once 
a day- In this embodiment the number of settlement 
messages can he less than the number of payment, orders. 

Authenticates jsay foe created and checked using 

3S one of the following methods. The payment computer can 
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use any of the first Jour methods, and the client, 
computer can use any ot the methods described* 

In a first jEasthod for authsnticators, at steps SO 
cr S9, a digest of the payment order is signed by the 
5 sending computer using a public-key cryptographic system 
such as RSAv This signature is used as the 
authanticator. As is well Known in the art, the signing 
can be accomplished using a private key created from a 
public-key pair, where the signing key is only known by 
10 the signer, and the other public key is known to the 

receiving computer. At the payment computer the public 
key corresponding to each sender is Kept in credential 
database 76, The private key for the payment service is 
also kept in database 76, At steps 82 or 31, the 
is signature of the received message is checked using the 
public key known to the receiving computer. 

In a second method for authsnticatcrs , at steps 
80 cr 89, a digest of the payment order is signed by the 
sending computer with a private key crypt ©system such as 
SO BES, This signature is used as the atsthenticator. At 
the payment computer, the private key corresponding to 
each sender is kept in credential database 76, ht step 
80, a digest of the payment order is signed by the client 
computer, and at step 89 a digest of the payment order 
25 with an added approval code is signed by the payment 
computer using the same private key, At steps 82 or 91, 
the signature of the received message is checked using 
the shared private key. 

in a third method for authenticates, at step SO 
30 the authenticates is computed by a protected device 

external to the system such as a smart-Card. A protected 
device is specifically designed to he extremely difficult 
both to replicate and to compromise. In this method, the 
payment order is communicated at SO to a Ssart-Card. The 
35 Smart-Card computes and signs a digest of the payment 
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order, and then communicates the signature back at SO to 
be used as an authenticates:. A Smart-Card produced 
authenticator uniquely associates a payment order with 
its creating assart -Card, This is accomplished by having 
S the Smart-Card contain a secret key "K 8 that is used to 
create a digital signature of the payment order, U K" is 
never released outside of the smart-card, The Smart-Card 
is designed to make it computationally infeasihle to 
compute »K" even with possession of the device. In this 

xq method, at step 82, a signature checking key from 

database 76 is used to check the authenticator . In an 
alternate embodiment, a user must sannally signal their 
acceptance of each payment order on an input device that 
is part of the. external device before the authenticator 

is is created by the external device, 

In a fourth method lor authenticates, at steps 
80 or 39 s a network address is used as an authenticator, 
At steps 82 or 91 f a digest cf the payment order is sent 
hack to the specified network address along with a random 

20 password. The computer at the specified network address 
must then return the payment order digest along with the 
password. If the network guarantees to deliver messages 
to the proper network address, this -method will guarantee 
that the user or computer at the spec! £ led network 

as address approves of the payment order- Assuming that 
network delivery is trusted,, this method can he used to 
authenticate a sender computer's network, address in a 
payment order. Alternatively, electronic mail can be 
used to send such confirmation messages between a user 

so and the payment system, 

In a fifth method for authenticates, at step SO, 
the authenticator is produced by an external device that 
produces a sequence cf non-predicabie transaction 
identifiers that are device specific, The authenticator 

3S is entered by the user into the client computer by 
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reading its display. One such device is described in 
U.S. Patient 4,856,062- According to this method, at step 
91, the authenticate* can be checked using the sender 
specific fixed cede of the device which is kept in 
5 database 76, This sequence of steps is also shown in 
Figure 15 a* steps 93 and $4, 

In a sixth method for authenticators , at step BO, 
the authenticates' is obtained by querying the user for a 
transaction identifier that, is the next string from a 
10 physical list of one-time authorisation strings. Such as 
list could be produced on a card,, and the user can cross 
off authorisation strings as they are used. According to 
this method, at step 91, the authenticate is checked 
against the next expected string frost the sender using 
15 database 76, Database 76 can hold for each sender a list 
of random authorisation strings, or can hold a sender 
specific secret key that was used to generate the list of 
authentication strings along with how aany strings have 
been used so far- This sequence of steps is alsc shown 
20 in Figure 15 at 93 and 94, 

in a seventh method for authenticators, at step 
80 the authenticate* is a previously obtained personal 
identification nusabsr {PIS} for the user. In this method 
1x5 §X the authenticates: is checked against the expected 
25 PIN for the sender using database 76. 

As will be obvious to one skilled in the art, any 
of the methods for creating authenticators can be used 
together to increase system security. For example, 
authenticator aethed six can he used to create an 
30 authenticates based on a transaction identifier., and then 
a payment order including a transaction identifier can foe 
given a further authenticator using authenticates method 
one, in this example the resulting authenticators would 
foe checked with their respective methods. 
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A digest ot a payment order can be created with 
an algorithm such as [R. Rivest, The MD5 Message- 

Digest Algorithms f MIT Laboratory tor Computer Science, 
Network Working Group Request tor Cosxasents 1321], 
s Alternatively, a digest can be the entire payment order 
or other functions of the payment order's component 
parts . 

In addition in both th« sales and payment systems 
alternate authenticator techniques can foe used such as 

■0 those described by Voydcck and Kent in "Security 

Mechanises in High-level Network. Protocols", Computing 
Surveys Vol. 15, no. 2, June As will be 

appreciated by those skilled in the art, two-way 
authenticated byte-stream or resists procedure call 

•5 interface connections that protect against replay can 
replace our message based authsnticators - 

Additions, subtractions { deletions, and other 
modifications ot the described embodiment will be 
apparent to those practiced in the art and are within the 

20 scope of the following claims . 
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CLAIMS 

1. A network sales system comprising 
a plurality of buyer computers and at least one 
mercL^ant computer interconnected by a communications 
network, 

s 5-eans at each merchant computer for maintaining 

and providing a database of digital advertisement s 
comprising 

means for storing said digital advertisements, 
each digital advertisement including a product abstract, 
10 means Sor communicating a digital advertisement 

to a buyer computer over said network in response to a 
network request from said buys* computer, 

means at each buyer computer for requesting, 
displaying, and responding to digital advertisements 
as comprising 

means responsive to a user inquiry for selecting 
a merchant computer and obtaining a digital advertisement 
for a product from said database of advertisements at 
said merchant computer, 
20 display sseans for displaying said advertisement , 

purchase means responsive to a user request, for 
communicating a purchase message to said merchant 
computer , 

account identification means tor transmitting the 
25 user's account, information to said merchant computer,. 

means, at said merchant computer, comprising 
authorization means to authorise said purchase 

message by sending messages into a financial system 

network , 

3Q fulfillment means to send said product to user 

conditional on approval .of said authorisation means- 
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2 - The nexwork sales sysfcs-m of claim 1 further 
wherein said authorisation means at said merchant 
eompu ter cotspr i ses 

means for communicating a missing parent 
s information request message to said buyer computer to 
obtain ssissing payment information, 

tseans for receiving said missing payment 
information from said buyer computer, 

means for authorising said purchase message by 
10 sending messages into a financial system network,. 

and said account identification means at said 
buyer computer comprises 

iseans responsive to said hissing payment 
information request message to query the user for 
15 additional payment information, 

means to send said additional payment information 
to said merchant computer. 



3. The network sales system of dais 1 farther 
wherein said account identification means comprises 




payment system for authorisation, 

and wherein said authorization means comprises 
means for verify lug that said payment order has 



2S been previously authorized by said payment system, 

4» An electronic sales system comprising 
means tor storing a database of digital 

advertisements, each digital advertisement for a product 

including a program, 
30 means for communicating a digital advertisement 

to a buyer computer, 

seans at said buyer computer for displaying and 

responding to said digital advertisement comprising 
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display means for displaying said digital 
advertisement by executing a portion of said 
advertisement as a program and performing actions as 
specified by said program, 
§ purchase sseans responsive to a user request for 

communicating a purchase messages to a merchant comparer, 
means, at said merchant computer, comprising 
fuifillment means to send said product to user. 

5, A network payment system comprising 
io a plurality of client computers and at least one 

payment computer interconnected by a public packet 
switched communications network, 

mesne at a client, computer for performing payment 
comprising 

is payment specification means for 

constructing a payment order from a sender to a 
beneficiary* 

signing means for authenticating said 



payment order as originating .from said sender, 




means for receiving a payment order authorisation 
message from said payment computer , 



means responsive to a payment order mess-age at 
2S said payment computer comprising 

verification means for verifying that said sender 
originated said payment order, 

authorization Beans for sending a message into a 
financial authorisation network to verify that said 
30 sender has adequate funds or credit and receiving an 
authorisation in response, 

means for recording said payment order and 
authorisation in a settlement database, 
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response sseans for sending an 
authorization message to said client computer., 

means for sending at least one message 
into a financial system network to transfer funds from 
said sender to said beneficiary. 

6. -the network payment system of claim S further 
wherein said payment specification Beans comprises 

means for constructing a payment order, said 
payment order including a delivery address, 

and said verification tseans comprises 

sseans for verifying that said sender originated 
said payment order and checking said delivery address 
against a database of allowed delivery addresses for said 
sender. 



7. The network payment system of claiss 5 further 
wherein said response means comprises 




means for sending an authorization message to 
said client, computer that includes allowed delivery 
addresses » 



8* The network payment system of claim S further 
wherein said signing means comprises 

Taeans for generating the ne&t expected 
transaction identifier for said sender and using it to 
create an authenticator ? 

and wherein said verification sseans comprises 
means for generating the next expected 
transaction identifier for said sender, and 

means for verifying that said authenticates' was 
created using said transaction identifier. 
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§, The network payment syst&m o.t: claims 5 further 
wherein said signing means comprises 

means for generating an auth&nf icator using an 
external device, 
5 and wherein said verification aseans comprises 

m«ans for verifying that said authenticator v?as 
created using said external device. 

10 * The network payment system of claim S 
further wherein said payment specification moans 
10 emprises 

jseans for constructing a payment order frost a 
sender, said payment order including a client computer's 
network address , 

ana said verification means comprises 
is means for verifying said paymerst order was 

constructed at said client computer's network address and 
checking said client address against a database of 
allowed client addresses for said sender, 

XI, The network payment system of claim 5 
30 further wherein said authorization means comprises 

determination means for determining the necessity 
for real-time authorisation,. 

means for performing real-time authorisation 
conditioned on said determination jseans, 

25 12. K method for effecting sales over a network 

sales system havirsg a plurality of buyer computers and at 
least one merchant computer interconnected by a 
communications network, encompassing the steps of 

maintaining and providing a database of digital 
3$ advertisements at each merchant computer 

storing said digital advertisements, each digital 
advertisement including a product abstract. 
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eosmuiicating a digital advert isement to a buyer 
computer over said network in response to a network 
request from said buyer computer, 

requesting, displaying, and responding at each 
5 buyer computer to digital advertisements comprising the 
steps of 

selecting in response to a user inquiry a 
merchant computer and obtaining a digital advertisement 
for a product from said database of advertisements at 




communicating in response to a user request a 
purchase message to said merchant computer, 

transmitting the user's account information to 
is said merchant computer, 

authorising at said merchant computer said 
purchase message fey sending messaqes into a financial 
system network, end 

sending said product to said user conditional on 
20 approval from said authorising step. 




communicating a missing payment information 



25 request message to said buyer computer to obtain missing 
pa yment ini ormat ion , 

receiving said missing payment information from 
said buyer computet, 

authorizing said purchase ssessage by sending 
as messages into a financial system network:, 

and said account identification step at said 
buyer computer comprising the steps of 
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querying the user for additional parent 
information responsive to said ja.iss.ing payment 
information request message, 

ana sending said additional paymsnt information 
s to said merchant computer. 




assembling a parent order, and 



10 seeding said payment order to a network payment 

system for authorization, 

and wherein said authorisation step comprises the 

step of 

verifying that said payment order has been 
as previously authorised by said payment system, 

15. An electronic sales method comprising the 

steps of 

storing a database of digital advertisements, 
each digital advertisement for a product including a 
28 program, 

cosmmnicating a digital advertisement to a buyer 
computer, 

displaying and responding to said digital 
advertisement at said buyer computer comprising the steps 
2S of 

displaying said digital advertisement by 
executing a portion of said advertisement as a program 
and performing actions as specified fey said program, 
communicating a purchase message in response to a user 
38 request to a merchant computer, 

sending at said merchant computer said product to 

tsser» 
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16, A network payment method comprising the 
steps of interconnecting a plurality of client computers 
and at least one payment computer by a public packet 
switched communications network , 
$ performing parent at a client computer 

comprising the steps of 

constructing a payment order frois a sender to a 
benef iciary, 

authenticating said payment order as originating 
10 from said sender, 

sending said payment order to a payment computer,, 
and receiving a payment order authorisation 
message .frois said payment computer, 

responding to a payment: order message at said 
as payment coi&puter comprising the steps of 

verifying that said sender originated said 
payment order, 

sending a message into a financial authorization 
network to verify that said sender has adequate funds or 
20 credit and receiving an authorisation in response, 

recording said payment order and authorization in 
a settlement database, 

sending an authorization message to said client 
computer , 

25 and sending at least one message into a financial 

system network to transfer funds froja said sender to said 
beneficiary* 

11- The network payment system of claim 16 
further wherein said constructing step means comprises 
so the steps of 

constructing a payment order, said payment order 
including a delivery address, 

and said verifying step comprises the steps of 
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verifying that said sender originated said 
payment order, ana 

checking said delivery address against a database 
of allowed delivery addresses for said sender. 

18. The network payment method of claim 16 
further wherein said second sending step comprises the 
steps of 

determining allowed delivery addresses for said 

sender, 

and sanding an authorisation message to said 
client computer that includes allowed delivery 
addresses* 



IS, The network payment method of claim 16 
further wherein said authenticating step comprises the 




and wherein said verifying step comprises the 




20. The network payment method of cXaiss 18 
further wherein said authentication step comprises the 
step of 

generating an authenticate*- using an external 

device, 
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verifying that said authenticator was created 
using said external device. 

21, She network payment method of olai» 16 
further wherein .said constructing step comprises the step 
s of. 

constructing a payment order from a sender f said 
payment order including a client computer's network 
address ? 

and said verifying step means comprises the steps 

io of 

verifying said payment order was constructed at 
said client computer's network address, 

and checking said client address against a 
database of allowed client addresses for said sender, 

15 22 . The network payment method of claim 1C> 

further wherein said second sending step comprises the 
steps of 

determining the necessity for real-time 
authorisation, 

jo and performing real-time authorisation 

conditioned on its determined necessity. 
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